Lucene search
+L

16 matches found

RedHat Linux
RedHat Linux
added 2026/06/12 7:56 p.m.12 views

kernel: net: use dst_dev_rcu() in sk_setup_caps()

In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps Use RCU to protect accesses to dst-dev from sksetupcaps and skdstgsomaxsize. Also use dstdevrcu in ip6dstmtumaybeforward, and ipdstmtumaybeforward. ip4dsthoplimit can use dstdevnetrcu...

5.3AI score0.00188EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/11 11:46 a.m.12 views

kernel: net: use dst_dev_rcu() in sk_setup_caps()

In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps Use RCU to protect accesses to dst-dev from sksetupcaps and skdstgsomaxsize. Also use dstdevrcu in ip6dstmtumaybeforward, and ipdstmtumaybeforward. ip4dsthoplimit can use dstdevnetrcu...

5.3AI score0.00188EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/22 7:55 a.m.16 views

kernel: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match()

A flaw was found in the Linux kernel’s SMC Shared Memory Communication module: in smcclcprfxmatch, the function is called from smclistenwork without proper RCU or RTNL protection. The code previously used skdstgetsk-dev, which can lead to a use-after-free UAF condition if the sk’s destination is...

5.8AI score0.0017EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/02/09 2:40 a.m.14 views

kernel: net: use dst_dev_rcu() in sk_setup_caps()

In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps Use RCU to protect accesses to dst-dev from sksetupcaps and skdstgsomaxsize. Also use dstdevrcu in ip6dstmtumaybeforward, and ipdstmtumaybeforward. ip4dsthoplimit can use dstdevnetrcu...

5.7AI score0.00188EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/02/02 10:10 a.m.14 views

kernel: net: use dst_dev_rcu() in sk_setup_caps()

In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps Use RCU to protect accesses to dst-dev from sksetupcaps and skdstgsomaxsize. Also use dstdevrcu in ip6dstmtumaybeforward, and ipdstmtumaybeforward. ip4dsthoplimit can use dstdevnetrcu...

5.7AI score0.00188EPSS
Exploits0References5
OSV
OSV
added 2025/11/12 11:15 a.m.16 views

UBUNTU-CVE-2025-40135

In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6xmit Use RCU in ip6xmit in order to use dstdevrcu to prevent possible UAF...

6.6AI score0.00202EPSS
Exploits0References10
Cvelist
Cvelist
added 2025/11/12 10:46 a.m.13 views

CVE-2025-40170 net: use dst_dev_rcu() in sk_setup_caps()

In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps Use RCU to protect accesses to dst-dev from sksetupcaps and skdstgsomaxsize. Also use dstdevrcu in ip6dstmtumaybeforward, and ipdstmtumaybeforward. ip4dsthoplimit can use dstdevnetrcu...

0.00188EPSS
Exploits0References3
OSV
OSV
added 2025/11/12 10:46 a.m.9 views

CVE-2025-40170 net: use dst_dev_rcu() in sk_setup_caps()

In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps Use RCU to protect accesses to dst-dev from sksetupcaps and skdstgsomaxsize. Also use dstdevrcu in ip6dstmtumaybeforward, and ipdstmtumaybeforward. ip4dsthoplimit can use dstdevnetrcu...

6.1AI score0.00188EPSS
Exploits0References6
CVE
CVE
added 2025/11/12 10:46 a.m.35 views

CVE-2025-40168

CVE-2025-40168 : In the Linux kernel, smc_clc_prfx_match() was using sk_dst_get(sk)->dev, which could trigger a use-after-free since smc_listen_work() is not under RCU/RTNL. The fix switches to __sk_dst_get() and dst_dev_rcu() to safely obtain the device. Note: the function’s return value is n...

5.8AI score0.0017EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/12 10:23 a.m.9 views

CVE-2025-40158 ipv6: use RCU in ip6_output()

In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6output Use RCU in ip6output in order to use dstdevrcu to prevent possible UAF. We can remove rcureadlock/rcureadunlock pairs from ip6finishoutput2...

0.00212EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/12 10:23 a.m.15 views

CVE-2025-40135 ipv6: use RCU in ip6_xmit()

In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6xmit Use RCU in ip6xmit in order to use dstdevrcu to prevent possible UAF...

0.00202EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/11/12 10:23 a.m.12 views

CVE-2025-40133 mptcp: Use __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable().

In the Linux kernel, the following vulnerability has been resolved: mptcp: Use skdstget and dstdevrcu in mptcpactiveenable. mptcpactiveenable is called from subflowfinishconnect, which is icsk-icskafops-skrxdstset and it's not always under RCU. Using skdstgetsk-dev could trigger UAF. Let's use...

0.00194EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/10/28 7:11 p.m.7 views

CVE-2025-40074

In the Linux kernel, the following vulnerability has been resolved: ipv4: start using dstdevrcu Change icmpv4xrlimallow, ipdefrag to prevent possible UAF. Change ipmrpreparexmit, ipmrqueuefwdxmit, ipmroutput, ipv4neighlookup to use lockdep enabled dstdevrcu...

6.4CVSS5.8AI score0.0017EPSS
Exploits0References4
OSV
OSV
added 2025/10/28 12:15 p.m.4 views

UBUNTU-CVE-2025-40064

In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in pnetfindbasendev. syzbot reported use-after-free of netdevice in pnetfindbasendev, which was called during connect. 0 smcpnetfindismresource fetches skdstgetsk-dev and passes down to pnetfindbasendev,...

5.7AI score0.0017EPSS
Exploits0References10
Cvelist
Cvelist
added 2025/10/28 11:48 a.m.30 views

CVE-2025-40074 ipv4: start using dst_dev_rcu()

In the Linux kernel, the following vulnerability has been resolved: ipv4: start using dstdevrcu Change icmpv4xrlimallow, ipdefrag to prevent possible UAF. Change ipmrpreparexmit, ipmrqueuefwdxmit, ipmroutput, ipv4neighlookup to use lockdep enabled dstdevrcu...

0.0017EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/16 12:0 a.m.4 views

PT-2025-46608

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the mptcp active enable function. This function is called from subflow finish connect, which is part of icsk-icsk af ops-sk rx dst set. The use of...

7.8CVSS5.4AI score0.00519EPSS
Exploits4References417
Rows per page
Query Builder